Ask Hackaday: Does Your Car Need An Internet Killswitch?

/in


Back in the good old days of carburetors and distributors, the game was all about busting door locks and hotwiring the ignition to boost a car. Technology rose up to combat this, you may remember the immobilizer systems that added a chip to the ignition key without which the vehicle could not be started. But alongside antitheft security advances, modern vehicles gained an array of electronic controls covering everything from the entertainment system to steering and brakes. Combine this with Bluetooth, WiFi, and cellular connectivity — it’s unlikely you can purchase a vehicle today without at least one of these built in — and the attack surface has grown far beyond the physical bounds of bumpers and crumple zones surrounding the driver.

Cyberattackers can now compromise vehicles from the comfort of their own homes. This can range from the mundane, like reading location data from the navigation system to more nefarious exploits capable of putting motorists at risk. It raises the question — what can be done to protect these vehicles from unscrupulous types? How can we give the user ultimate control over who has access to the data network that snakes throughout their vehicle? One possible solution I’m looking at today is the addition of internet killswitches.

The Scope of the Problem

[Chris] and [Charlie] remotely hacked into a Jeep, disabling its brakes remotely and sending it careening into a ditch.

As any hacker knows, a connected computer is a vulnerable computer. In vehicles, not only are the embedded systems connected to the internet, but they’re also capable of controlling vital safety systems. While many wrote off these concerns as unrealistic, the uncomfortable truth came home to roost in 2015. Security researchers [Charlie Miller] and [Chris Valasek] were able to remotely take control of a Jeep Cherokee, with just a laptop and a 3G data connection. The duo were able to scan the internet for further targets, and could even track various Chrysler automobiles around the country thanks to GPS and their in-dash entertainment systems.

This discovery led to the recall of 1.4 million vehicles, with Chrysler sending out firmware upgrades on USB drives to patch…

Source…